- "This risk assessment finds that criminals use DeFi services to profit from illicit activity, in particular ransomware, theft, scams, drug trafficking, and proliferation finance."
- "Key factors, such as non-compliant DeFi services, disintermediation, a lack of implementation of the international AML/CFT standards in foreign countries, and cybersecurity weaknesses in DeFi services, continue to pose vulnerabilities that enable criminal use of DeFi services to profit from illicit activity."
- "This report recognizes, however, that illicit activity is a subset of overall activity within the DeFi space and, at present, the DeFi space remains a minor portion of the overall virtual asset ecosystem."
- "Moreover, money laundering, proliferation financing, and terrorist financing most commonly occur using fiat currency or other traditional assets as opposed to virtual assets."
- Strengthen U.S. AML/CFT Supervision of Virtual Asset Activities.
- Assess Possible Enhancements to the U.S. AML/CFT Regulatory Regime as Applied to DeFi Services.
- Continue Research, Private Sector Engagement to Support Understanding of Developments in DeFi Ecosystem.
- Continue to Engage with Foreign Partners. "The United States at the FATF will press for immediate implementation of the FATF standards and advocate for FATF members to continue to monitor developments in DeFi and facilitate dialogue and mutual support on common AML/CFT implementation challenges, risk assessments, and good practices."
- Advocate for Cyber Resilience in Virtual Asset Firms, Testing of Code, and Robust Threat Information Sharing.
- Promote Responsible Innovation of Mitigation Measures. "The U.S. government should engage with developers, including through tech sprints and potentially with research and development grants, to promote innovation that seeks to mitigate the illicit finance risks of DeFi services."